Google seriously threatens Firefox security model!

Hi malware fighters,

The cooperation between the Mozilla Foundation and Google could seriously threaten the security of Firefox-browser users, according to security expert Christopher Soghoian. “If a Firefox security feature threatens Google’s business model, the feature has to be scaled down, and not the search-engine.” 56 out of the 66 million dollars that Mozilla made last year was provided by Google. Several Google engineers put a lot of effort in developing the Firefox open source browser. Then the searchengine pays AdSense a dollar for every Firefox installation with the Google toolbar added.

This cooperation leads to conflicts, in which security and privacy are given up to ensure cashing Google money. Soghoian mentions two specific Firefox extensions, AdBlock Plus and CustomizeGoogle, that block ads and deny Google cookies. The researcher wonders why Mozilla did not bring these anti-Google features by default. Also a feature like TrackMeNot is not endorsed either. You can switch to Flock, but then you have the same story with Yahoo as major player to generate browser money.
I have given postings here in this forum how to further neutralize Google cookie info with bookmarklets or using alternative search-engines.

Google’s blacklisting is dubious according to security experts, because Google is hosting quite some number of phishing sites, but at the other hand nobody dares to blacklist Google itself. “Now that Google provides the de blacklists for the new Firefox 3.0 anti-malware feature, we can all wonder: Can we really trust Google any longer?”

pol

Can we really trust Google any longer?"
That depends entirely on the individual user. I trust them with lots of things and have never gotten burned. I do however get a little help from SiteAdvisor, finjan and rgGuard. :)

I had wondered what bookmarklets were (but not curious enough to go looking) when I saw it as a block able feature in NoScript.

So I googled ;D it ;D and I’m not sure I like the idea of being able to put a javascript program within a bookmark stored on your browser. No thanks I feel this bookmarklet is an other exploit waiting to be misused.

http://en.wikipedia.org/wiki/Bookmarklet

Hi DavidR,

This is the Google-Anon bookmarklet: http://www.imilly.com/Nothing
It is not that I have anything against Google as such, because I am a member of the Dutch Google forum Zoekspriet. But we have to keep a finger on the pulse so Google actually does not do any evil.
Again where others fail, Google comes up with the answers,

polonus

I have nothing at all against google, but about the only thing I use is their search engine none of their other products. I trust that if there is ever a clash between mozilla and google possibly involving security I trust the measures I take and the various FF extensions should also stand me in good stead.

Though I really can’t see how a firefox security feature would impact on a business model as their business model shouldn’t leave us less secure. Certain extensions mentioned aren’t security measures TrackMeNot, AdBlock Plus, cookie safe and CustomizeGoogle, etc. but privacy or not wanting to be bugged by ads, etc. So I feel this is an over exaggeration now something like NoScript should be included in the firefox default setup, now I would complain like stink if something like NoScript were to be blocked.

I don’t know what that link was meant to point to but it was a 404 error result as I now have bookmarklets disabled in NoScript ?

Hi DavidR,

I agree with you that the users of the NoScript add-on have absolutely nothing to worry about.

polonus